betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

03 October 2008

Drug Tests at Apple!!! NOW!!!

Anybody thought of the children?

Since I don't seem in the spirit to write something serious on this filthy blogz0r, I might as well vent some steam with a little RANT here. So, one of our applications is using the file(1) command to identify what certain files on the file system are. And what does Apple do with the 10.5 (Leopard) update? They change the command line parameters... where -i was documented as "Causes the file command to output mime type strings rather than the more traditional human readable ones" now it's "If the file is a regular file do not classify its contents". It's doing more or less the complete contrary to what it did before. This change apparently happened from version 4.10 to 4.17 of the file utility (and possibly the hopefully soon drug tested Apple guys innocently picked up that ugly change without looking... DAMN, YOU SHOULD HAVE LOOKED!!).

The solution is to use the long option version --mime, which (probably by a comical accident) the loonies didn't change.

Next Apple employees up for drug testing: Whoever is responsible for that ssh authentication f*up in 10.5. WTF? Typing the ssh keyphrase into the terminal wasn't good enough for you? If I needed a fancy popping up window, I probably wouldn't be using the Terminal in the first place you luserz!

Posted by betabug at 11:49 | Comments (4) | Trackbacks (0)
ch athens
Life in Athens (Greece) for a foreigner from the other side of the mountains. And with an interest in digital life and the feeling of change in a big city. Multilingual English - German - Greek.
Main blog page
Recent Entries
Best of
Some of the most sought after posts, judging from access logs and search engine queries.

Apple & Macintosh:
Security & Privacy:
Misc technical:
Athens for tourists and visitors:
Life in general:
<< Sailing Away | Main | Happy 60th Birthday 2CV >>
Re: Drug Tests at Apple!!! NOW!!!

I enjoy bitching Apple myself but that doesn't look like Apple-specific behavior. All free Unixen share the same file(1) implementation. '-i' in my Debian installation is a shorthand for '--mime' too. The strange thing is that POSIX seems to standardize the original behavior. Drug usage is widespread, I guess.

Posted by: Vasilis P. at October 03,2008 12:43
Re: Drug Tests at Apple!!! NOW!!!

Ohh, Apple changed behavior from "causes the file command to output mime type strings rather than the more traditional human readable ones" to "If the file is a regular file do not classify its contents", I thought it was the other way round. Now it makes sense (they patched file(1) to comply with the SUSv3 standards).

Posted by: Vasilis P. at October 03,2008 14:36
Re: Drug Tests at Apple!!! NOW!!!

Hi, this is your fellow Leopy user :)

While I too bitch Apple some times (loved my hackintosh), now I guess is time, not to defend them but to disagree with the content of your rant. (Hey! is your blog, you can rant as much as you want :D ).

First point: deploying and dependences. Two days ago when I was just ready to deploy my new app created with the mighty Visual Studio 2008 and using all the new tinky-winky things from .NET 3.5 a question came into my mind: Can I deploy my app in this specific server?

I was working within my development environment and the server (of course) had a different one. Then I started to make a list of libraries and settings I needed in order to run my application in that machine. I thought I did everything but when I was ready to give it a run: CRASH! KABOOM!

Why? I forgot one small parameter that altered the output of some of my functions. I was bitching at Microsoft, but it was my fault I didn't point out all the dependences.

Moral: detect all your dependences and write tests to automate early detection of this kind of problems.

Second: Some desktop environments try to make things more easy even when using the terminal. For ssh in linux you can find the might ssh-askpass and all the implementations for the modern desktop environments. This usually helps graphical tools to deal with ssh when, for example, Netbeans whants to svn update from a repository connecting through ssh. Your screen becomes grey and a text box appears asking for your private key passphrase.

Did apple "hack" ssh for this? I tried with a new account in my Leopard and I got some results:

1. Remote connections (ssh) do not pop-up a window in the server machine asking for the password of the user who is operating remotely. Thats obvious it should work like that, but I was just testing.

2. What makes ssh prompt you with a graphical dialog? The default SSH key manager. Yes, Leopard comes with an integrated ssh key manager and for any login shell you'll get an environment variable called SSH_AUTH_SOCK. This behaviour is the normal one, they didn't change anything in ssh, they only set up somethings to work in "their way".

So we agree that you don't like their way. Like colours, everyone likes one more than others. Do it in your way, unset SSH_AUTH_SOCK or just stop the ssh-agent in you system (For openbsd fanboys: ls /System/Library/LaunchAgents/*openbsd* ).

Morale: "Nunca llueve a gusto de todos" = Rain never pleases everyone in the same way.

Posted by: graffic at October 04,2008 12:52
Re: Drug Tests at Apple!!! NOW!!!

graffic, "write tests to automate early detection" - well, I detected this stuff in two of my tests, otherwise I couldn't have written this rant :-)

As for the keyphrase dialog (note that I never wrote "password"), first I think it's just bad style and useless and 2nd if you read about what they're doing - in and out of the keychain and back, dialog etc. etc. it is just a matter of time that someone finds a security vulnerability in this added complexity. OpenSSH usually handles things in a certain way for a reason... just ask the Debian guys.

Posted by: betabug at October 06,2008 22:36
You can trackback to:
There are no trackbacks.
Leave a comment